In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Like the cartoonish Kilroy peeking his head over a wall during World War II, unemployment among IT security professionals has bared its head. But don't take these stats as gospel. The data suggest 'full employment' reigns in the infosec community of workers.
A long-overdue omnibus package that includes HIPAA modifications tops the list of regulations dealing with health data privacy and security issues that are pending for 2013. Find out what else is on the horizon.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
A new report says the Department of Health and Human Services must improve oversight of the HITECH Act's EHR incentive program, so that providers show better proof of compliance, including risk assessments.
The leaders in Congress on cybersecurity matters are the chairs of the committees that have jurisdiction over IT security. In both houses, chairmanship changes mean new lawmakers will lead legislative initiatives on cybersecurity in the 113th Congress.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Comments are being accepted through Jan. 14, 2013, on potential privacy and security requirements to be included in the meaningful use rule for Stage 3 of the HITECH Act's electronic health record incentive program.
Farzad Mostashari, who heads the Office of the National Coordinator for Health IT, told a House panel that the HITECH incentive program is on track to achieve its goals of widespread adoption of EHRs and secure data interchange.